Update tech_docs/its_the_new_style_design.md

This commit is contained in:
2025-08-04 17:28:04 -05:00
parent b99418a5a0
commit ad2fd99c43

@@ -1,3 +1,51 @@
Complete, symmetry-first DNS name & function list
(ready to drop straight into **dnsmasq-static-hosts** or NetBox)
────────────────────────────────────────
**INFRA zone**10.0.255.0/282001:db8:c0de:ffff::/64
| Function / Role | DNS name | IPv4 | IPv6 | Notes |
|---|---|---|---|---|
| Swarm Manager-01 (primary) | mgr-01.infra.mycorp.net | 10.0.255.1 | 2001:db8:c0de:ffff::1 | Docker Swarm leader, **private VLAN 255** |
| Swarm Manager-02 | mgr-02.infra.mycorp.net | 10.0.255.2 | 2001:db8:c0de:ffff::2 | Raft voter |
| Swarm Manager-03 | mgr-03.infra.mycorp.net | 10.0.255.3 | 2001:db8:c0de:ffff::3 | Raft voter |
| Internal CA (step-ca) | ca.infra.mycorp.net | 10.0.255.4 | 2001:db8:c0de:ffff::4 | TLS ACME endpoint |
| DNS/DHCP server | ns-01.infra.mycorp.net | 10.0.255.10 | 2001:db8:c0de:ffff::10 | dnsmasq host |
| Swarm VIP **swarm.infra** | swarm.infra.mycorp.net | 10.0.255.11 | 2001:db8:c0de:ffff::11 | Any manager IP (RR if needed) |
| Reserved for Registry | reg.infra.mycorp.net | 10.0.255.20 | 2001:db8:c0de:ffff::20 | Future Docker registry |
────────────────────────────────────────
**DMZ zone**10.0.1.0/242001:db8:c0de:2000::/64
| Function / Role | DNS name | IPv4 | IPv6 | Notes |
|---|---|---|---|---|
| Swarm ingress LB | lb.dmz.mycorp.net | 10.0.1.1 | 2001:db8:c0de:2000::1 | HAProxy / Traefik |
| Web service A | web-01.dmz.mycorp.net | 10.0.1.10 | 2001:db8:c0de:2000::10 | Example service |
| Web service B | web-02.dmz.mycorp.net | 10.0.1.11 | 2001:db8:c0de:2000::11 | Example service |
| API service | api-01.dmz.mycorp.net | 10.0.1.20 | 2001:db8:c0de:2000::20 | Internal API |
| DB service | db-01.dmz.mycorp.net | 10.0.1.30 | 2001:db8:c0de:2000::30 | Postgres / Mongo |
────────────────────────────────────────
**LAN zone**10.0.0.0/242001:db8:c0de:1000::/64
| Function / Role | DNS name | IPv4 | IPv6 | Notes |
|---|---|---|---|---|
| Gateway | gw-01.lan.mycorp.net | 10.0.0.1 | 2001:db8:c0de:1000::1 | Default route |
| Optional Worker | wrk-01.lan.mycorp.net | 10.0.0.10 | 2001:db8:c0de:1000::10 | Swarm worker node |
| Printer | prnt-01.lan.mycorp.net | 10.0.0.20 | 2001:db8:c0de:1000::20 | Static lease |
| Wi-Fi AP | wifi-01.lan.mycorp.net | 10.0.0.30 | 2001:db8:c0de:1000::30 | AP management |
────────────────────────────────────────
**Docker Swarm DNS conventions (internal)**
- Every **service** in the overlay network is reachable as
`<service>.<stack>.sym-net` (e.g. `web.hello.sym-net`).
- External A/AAAA records (above) are **round-robin** via dnsmasq; Swarms **internal DNS** at `127.0.0.11` handles service discovery inside the cluster .
Drop the list in `/etc/dnsmasq-static-hosts`, reload `dnsmasq`, and every hostname & function is **self-documented and symmetrical**.
---
Next logical step: **turn the meta-themes into a *migration-ready manifest*** so the *next* DNS/DHCP engine (Kea + BIND or NetBox) can **inherit the haiku without re-typing it**. Next logical step: **turn the meta-themes into a *migration-ready manifest*** so the *next* DNS/DHCP engine (Kea + BIND or NetBox) can **inherit the haiku without re-typing it**.
We only touch three artefacts: We only touch three artefacts:
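
Review bot: In the INFRA table, `reg.infra.mycorp.net` at 10.0.255.20 falls outside the declared 10.0.255.0/28, which only spans 10.0.255.0 through 10.0.255.15. Either widen the zone prefix (a /27 would cover .20) or move the registry reservation to a host address at or below .14. In the DMZ table, `db-01.dmz.mycorp.net` (Postgres / Mongo) and the row noted as "Internal API" share the /24 with the ingress LB and the web services; if that placement is intentional, the Notes column should state what restricts access to them, otherwise they belong in a non-DMZ zone. The closing instruction to drop the list into `/etc/dnsmasq-static-hosts` also needs a hosts-format rendering of these rows (address followed by name), since the tables as written are Markdown and the header claims they are ready to drop in as-is.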